A fixed-scope, low-touch external review for startups, SaaS teams and agencies. Public-facing web, DNS, email and exposed security signals reviewed and delivered as a written report with prioritised remediation.
This is not a full penetration test. It is a focused external snapshot designed to catch obvious public-facing risks and turn them into a clear remediation plan.
SPF, DKIM, DMARC, MX, CAA and basic domain trust posture.
Security headers, HSTS, TLS posture, public endpoints and visible browser-side controls.
Login pages, admin surfaces, staging hints, public APIs, status/config pages and obvious technology signals.
Executive summary, risk register, evidence, business impact and remediation guidance.
No exploitation, no brute force, no destructive testing and no attempt to access customer data.
If the snapshot finds important issues, you can request a deeper review or retest after fixes.
You submit the target and confirm you are authorised.
I confirm what is and is not included in writing.
Payment happens only after scope approval.
You receive the written snapshot within the agreed window.
Use this for the £149 External Security Snapshot. No commitment at this stage. I’ll reply with scope, timing and payment link only if it fits.